- Security Settings
- Displays information about the top-level security attributes.
These attributes set the default for administrative security for
the server, such as whether security is enabled, the default user
registry, or if Java security
is enabled.
For more information, read the Global security settings
article.
- Authentication Mechanisms and expirations
- Contains all the attributes associated with each authentication
mechanisms and trust associations as defined in the configuration.
- User Registry
- Displays the attributes for the default user registry for the
server.
- Authorization configuration
- Displays attributes configured for an external Java Authorization Contract for Containers (JACC)
provider.
- Application login configuration
- Displays application JAAS login entries and their login modules
attributes.
For more information, read the SSL configurations
collection article.
- CSI
- Displays the attributes that define the inbound and outbound information
for the Common Secure Interoperability (CSI) protocol.
- SSL configuration repertoires
- Displays the attributes that make up the Secure Sockets Layer
(SSL) configuration used by the server. There can be multiple SSL
configurations defined, and information about each is displayed.
This object is often referenced by an SSL configuration group object
used to associate it with an inbound or an outbound connection.
For
more information, read the SSL configurations collection article.
- Key stores
- Displays the keystore attributes for each keystore in the configuration.
Keystore objects in the configuration are often referenced by an
SSL configuration object in the configuration.
For more information,
read the Personal certificates collection article.
- Trust managers
- Displays the attributes that make up trust managers that can be
used by the server. Trust manager objects in the configuration are
typically referenced by an SSL configuration object.
For the more
information, read the Trust managers collection article.
- Key managers
- Displays the attributes that make up the key managers that are
used by the server. Key manager objects in the configuration are
typically referenced by an SSL configuration object.
For more information,
read the Key managers collection article.
- SSL configuration group
- Displays the attributes that make up an SSL configuration that
are used for an outbound or an inbound connection.
- Management scope
- Displays the attributes that make up a management scope. The
SSL configuration-related objects in the security configuration are
defined within a management scope to reference the management scope
object.
For more information, read the Management scope configurations
article.
- Key set groups
- Displays the attributes that make up a group of key sets, which
are used to manage public, private and shared keys.
For more information,
read the Key set groups collection article.
- Key set
- Displays the attributes that make up the key set, which is used
to manage public, private, and shared keys.
For more information,
read the Key sets collection article.
- Schedules
- Displays the attributes that make up the scheduled process in
the security configuration.
- Notifications
- Displays the attributes that make up notification objects in the
security configuration.
- Manage certificate expiration
- Displays the attributes that define how startCertificateExpMonitor
is run on the server.
- System login configuration
- Displays the attributes that define the System login entries and
their login modules.
For more information, read the System login
configuration entry settings for Java Authentication
and Authorization Service article.
- Custom properties
- Displays all the custom properties that are defined in the security
configuration.
For more information, read the Custom properties
article.
- Web Authentication
- Displays properties that are used to define web authentication
used by the server.
For more information, read the web authentication
settings article.
- Administrative Users and Groups
- Displays the attributes that define roles and the users and groups
associated with them as found in the admin-authz.xml file.
The column titled Administrative Role Name contains
the name of the administrative role. A column titled Administrative
Role Value contains the user ID associated with the role
(if one exists).
For more information, read the Administrative roles
article.
- Corba Naming Console Names
- Displays the defined CORBA naming roles and the users that are
assigned to the roles.
For more information, read the Administrative
group roles and CORBA naming service groups article.
- Console Name for Certificate Management
- Lists all the certificate in keystore that are defined in the
security configuration. There is also information about the certificates
location and their validity period.
- Cookie Protection
- Displays attributes that pertain to HTTP Cookies. This section
differs from other sections since information is gathered from different
configuration files. The HttpOnly custom property, the web authentication
com.ibm.wsspi.security.web.webAuthReq property, and the session security
setting on each server are displayed on the report.
- Java Authorization SPI Configuration
- Displays the attributes that are defined for the Java Authorization SPI (JASPI) configuration.
If there is a JASPI configuration object in the security configuration,
information is included concerning whether JASPI is enabled, the name
of the default JASPI provider, and a list of defined providers and
their authentication modules.
Note: If JASPI has not been configured,
this section is not shown in the security configuration report.